Mandatory Email TLS Mimecast and Office365

So we are working to configure Mandatory TLS security between 2 email domains. We have control of one, which we need to get this configured for.

They are currently using Office365 which routes through Mimecast for email filtering etc.

So my understanding of it is that we configure this on Mimecast only for incoming and outgoing mailflow, however, I am struggling to see how it works correctly, when it needs an SSL certificate from Office365 in order to work correctly?

Do we also need to configure inbound and outbound connectors for this TLS requirement on Office365?

Who is Participating?

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

The other company has already got it configured their end. I'm talking about just my end, we have Office365 which routes out to Mimecast before sending emails to receipients, and vice versa when people send to us it goes to Mimecast and then Office365. So with that, do I need to setup TLS on both of our Mimecast and Office365 portals? Or will just on Mimecast be sufficient?